
For too long, security has been defined by reaction, responding to every alert, chasing every anomaly, burning time and energy without clarity. But the strongest fighters don’t swing at every feint. They train, prepare, and conserve their energy for the moments that matter. That’s not just strength; that’s resilience.
Now, this philosophy has entered the SOC. And it has a name: Sumo Logic Dojo AI.
Welcome to the dojo
In martial arts, a dojo isn’t about conflict. It’s about discipline, practice, and confidence. Students train to avoid wasted motion, to anticipate, and to endure. The same philosophy is now guiding security operations into a new AI era.
Dojo AI is built on an agentic AI architecture, where multiple forms of intelligence and automation work together instead of standing alone. Automation delivers repeatable discipline through scripts and playbooks. Machine learning detects anomalies, classifies patterns, and enriches insights—for example, with user and entity behavior analytics (UEBA). Generative AI provides fluency in natural language, making querying and summarization seamless. And now, agents orchestrate these capabilities, taking action inside analyst workflows rather than waiting passively for prompts.
At the core of this design is the Model Context Protocol (MCP), a governance layer that regulates how agents interact with data, models, and external tools. This ensures that AI is not just powerful, but also trustworthy, resilient, and aligned with human defenders.
Dojo AI is where specialized agents take on repetitive work, interpret context, and give analysts clarity, so people can focus on the moments that truly matter.
Resilience by design: A different kind of AI
Most AI in operations has promised quick fixes: copilots to generate queries, dashboards that summarize alerts, and bots that respond on command. But the grind continues. Analysts still drown in alerts, and noise still overwhelms clarity.
Dojo AI is different because it is grounded in a philosophy of resilience:
- In the dojo, discipline matters. That’s why customer data is never used to train models. Instead, feedback sharpens performance, and new foundational models bring fresh strength: improvements by design, not by accident.
- Model upgrades come from progress in foundational AI. Dojo AI benefits as underlying AWS models evolve, not from risky, ungoverned training within customer systems.
This balance ensures Dojo AI delivers practical resilience without sacrificing security or privacy.
What lives in Dojo AI today
The dojo isn’t just an idea; it’s real, live, and working today. And it follows a deliberate progression of Insight → Summary → Query → Conversation:
- Summary Agent: Explains each Insight clearly — what happened, why it triggered, and what context matters — so analysts know immediately if they should investigate further.
- Query Agent: When more detail is needed, Query Agent translates natural language into precise queries, eliminating the time sink of syntax writing and debugging.
- Mobot: The dojo’s sensei, Mobot, connects analysts to every agent through natural language, orchestrating the correct response at the right moment.
Together, these agents change the daily rhythm of the SOC. Instead of slogging through alerts, analysts move fluidly from awareness to clarity to investigation.
The Dojo in action
Consider a Tier-1 analyst starting their shift. Usually, they’d log in to a wall of alerts, mostly false positives. Instead, they can now begin with Mobot.
“Show me the high-severity threats from the last 24 hours,” they type.
The analyst starts with Insights already correlated with Sumo Logic. The Summary Agent immediately explains why those Insights triggered, adding context from correlated signals. If a deeper investigation is warranted, the Query Agent builds targeted inquiries in seconds.
What once took 60 minutes per alert is now condensed to moments without sacrificing accuracy.
Here are a few scenarios that bring the philosophy of resilience to life:
- Ransomware outbreak: Insights surface anomalous lateral movement. Summary Agent explains its alignment with ransomware behaviors. The Query Agent pivots quickly to confirm whether a similar movement occurs in other subnets.
- Insider threat: Insights detect unusual file access. Summary Agent outlines deviation from baseline behavior. Query Agent retrieves a 30-day view of the user’s access history for validation.
- Cloud misconfigurations: Insights highlight an exposed S3 bucket. The Summary Agent explains the exposure risk. The Query Agent pulls access logs to verify potential misuse.
The result is resilience in practice: analysts conserve time and energy for the threats that matter.
Why Dojo AI is different
Many vendors are making AI claims. But the dojo philosophy makes Dojo AI distinct:
- Scale without compromise: Sumo Logic processes exabytes of telemetry every day, backed by over 15 years of operational experience. That heritage provides unmatched context while preserving privacy by design.
- Governed evolution: Agents improve through curated feedback and new foundational models, not uncontrolled training on your data.
- Context-first summarization: Unlike tools that summarize individual alerts, Dojo AI summarizes at the Insight level, ensuring clarity instead of noise.
- Parallel workflows: Agentic architecture lets multiple agents act simultaneously, accelerating investigation and response.
- Human-centered resilience: The dojo philosophy restores analysts’ focus on creativity and defense, not mechanics and fatigue.
This isn’t about hype cycles. It’s about building resilience into the SOC, where it’s most needed.
The human side of Dojo AI
Technology alone doesn’t win battles. People do. Dojo AI was created not to replace humans, but to return you to meaningful work.
Analysts don’t join this field to click through endless false positives. You join to solve puzzles, protect your organizations, and outthink adversaries. Dojo AI gives you that chance.
Dojo AI offloads repetition, creating space for creativity, judgment, and strategy. The human defender becomes what you were always meant to be: the resilient core of the SOC.
Step into the dojo. Become resilient.



